Encryption through property files

Some properties relay sensitive data such as user IDs and passwords, which you may want to encrypt.

About this task

Any property (except for the security.propertyencrypter.class property in the yfs.properties file) mentioned in the runtime property files (including the sandbox.cfg file) can be encrypted using the install_dir/properties/customer_overrides.properties file.

To encrypt the properties:

Procedure

  1. Prefix the property value you want to encrypt with encrypted:. For example, 
    yfs.dblogin.datasource.name=encrypted:encrypted value

    The properties prefixed with encrypted: are automatically decrypted during runtime.

  2. Create a custom implementation class (for example com.yantra.api.MyEncrypter), which implements the YCPEncrypter interface. Implement the encrypt() and decrypt() methods. For more information about the interface, see the Sterling Order Management System Software Javadoc.
    Note: Ensure that the double encryption scenarios are handled in the encrypt() method.
  3. Ensure that the security.propertyencrypter.class property is accessible through the CLASSPATH environment variable.
  4. Add the custom implementation class file in a jar and run the <INSTALL_DIR>/bin/install3rdParty.sh(cmd) script to include the jar file in the classpath.
  5. Edit the <INSTALL_DIR>/properties/customer_overrides.properties file and set the following properties: 
    security.encrypter.class=<value>
yfs.security.propertyencrypter.class=<value>
    where <value> refers to the name of your custom implementation class that you created in Step 2. For example, com.yantra.api.MyEncrypter
  6. Run the script <INSTALL_DIR>\bin\setupfiles.cmd (for Windows) or <INSTALL_DIR>/bin/setupfiles.sh (for UNIX or Linux).
  7. Rebuild the product EAR file and redeploy it to the application server.